{ lib, pkgs, ... }:

{
  imports = [
    ./hardware.nix

    ./photoprism.nix
    ./immich.nix
  ];

  # Bootloader.
  boot.loader.systemd-boot.enable = true;

  networking.hostName = "photoprism";

  disko.devices = import ./disko.nix;

  # TODO: ipv6 address
  deployment.targetHost = "";

  # Set your time zone.
  time.timeZone = "Europe/Paris";

  environment.systemPackages = with pkgs; [ neovim ];

  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrijwPlb7KQkYPLznMPVzPPT69cLzhEsJzZi9tmxzTh cst1@x270"
  ];

  security.acme.acceptTerms = true;
  security.acme.defaults.email = "webmaster@nixos.org";

  # TODO: open the right ports
  networking.firewall.allowedTCPPorts = [ 80 443 8007 ];
  networking.firewall.allowedUDPPorts = [ ];

  networking.useNetworkd = true;

  # TODO: 
  systemd.network.networks."10-wan" = {
    matchConfig.Name = "ens18";
    networkConfig = {
      DHCP = "ipv4";
      Address = "2a01:e0a:de4:a0e1:eb2:caa1::4";
    };
    # make routing on this interface a dependency for network-online.target
    linkConfig.RequiredForOnline = "routable";
  };

  system.stateVersion = "23.11";
}